By weakness (CWE)

CWE-1325: related vulnerabilities

CVEs classified under CWE-1325. Understanding the weakness class helps prioritize systemic fixes over one-off patches.

1 published vulnerability

  • CVE-2026-34183HIGH 7.5

    A vulnerability in OpenSSL's QUIC implementation allows a remote attacker to exhaust server or client memory by repeatedly sending specially crafted network packets called PATH_CHALLENGE frames. The QUIC stack responds to each one by allocating memory for a PATH_RESPONSE frame, but if the attacker never acknowledges these responses, the memory is never freed. An attacker can repeat this process until the application runs out of memory and crashes, causing a denial of service. This affects both QUIC clients and servers running vulnerable OpenSSL versions.